Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B6DA2BD8E33F11EB9832A354C4F9AE02.roa
File:                     B6DA2BD8E33F11EB9832A354C4F9AE02.roa (raw, json)
Hash identifier:          uoO9Im5pkYbvz3VL3E29jCslGLRvKNamupOW6QMeXM4=
Subject key identifier:   F9:67:95:DF:EB:84:33:52:F6:F5:64:0A:E6:50:F4:8F:86:4B:51:18
Certificate issuer:       /CN=A91C56FB/serialNumber=93C058A0DF1773012459164B5A80D85372C7E292
Certificate serial:       1539
Authority key identifier: 93:C0:58:A0:DF:17:73:01:24:59:16:4B:5A:80:D8:53:72:C7:E2:92
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B6DA2BD8E33F11EB9832A354C4F9AE02.roa
Signing time:             Sat 04 Jul 2026 17:17:02 +0000
ROA not before:           Sat 04 Jul 2026 17:17:02 +0000
ROA not after:            Tue 31 Aug 2027 00:00:00 +0000
asID:                     137443
IP address blocks:        103.117.100.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.crl
                          rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 17:06:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5433 (0x1539)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C56FB, serialNumber=93C058A0DF1773012459164B5A80D85372C7E292
        Validity
            Not Before: Jul  4 17:17:02 2026 GMT
            Not After : Aug 31 00:00:00 2027 GMT
        Subject: CN=6a49400d-501b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:60:27:9b:c1:be:77:ec:8b:83:f3:48:60:52:
                    4a:48:a6:87:2e:c0:22:69:47:94:b5:3f:0a:cb:37:
                    38:13:68:2b:7b:51:bf:ba:84:72:9f:93:74:51:45:
                    f7:8a:ac:97:89:8e:d7:fc:6a:5a:fa:9d:76:2d:25:
                    a5:99:8d:8d:8e:e7:2d:0d:28:bf:5a:7a:94:a0:52:
                    b5:57:30:7f:71:26:ef:a9:fa:0f:80:d6:d5:b8:fa:
                    4a:da:6b:80:cf:f8:4a:48:e0:89:ad:dd:74:b5:ba:
                    e3:b9:84:49:fb:52:21:28:dd:8d:5e:b1:84:8f:49:
                    c5:19:6d:25:fd:39:63:15:f3:6d:6d:88:ec:7f:46:
                    fc:33:20:24:4d:93:69:e3:33:b3:7b:7f:3f:89:cf:
                    7c:60:5e:c6:0b:3b:c3:5b:dd:78:78:69:db:4d:82:
                    2e:76:f5:0a:d4:75:12:83:eb:84:21:3c:06:ca:83:
                    6a:8a:d3:4e:df:0a:98:65:30:00:90:73:10:72:66:
                    9c:f2:70:9a:82:27:c1:6a:26:f8:48:17:55:90:47:
                    2c:76:e8:13:a6:66:ef:33:d7:d4:6b:26:29:67:61:
                    13:72:32:14:28:77:1a:96:b7:1f:a7:3c:20:59:5b:
                    2b:f7:aa:c1:c8:d2:24:95:1c:8a:02:37:40:29:05:
                    35:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:67:95:DF:EB:84:33:52:F6:F5:64:0A:E6:50:F4:8F:86:4B:51:18
            X509v3 Authority Key Identifier:
                keyid:93:C0:58:A0:DF:17:73:01:24:59:16:4B:5A:80:D8:53:72:C7:E2:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/k8BYoN8XcwEkWRZLWoDYU3LH4pI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k8BYoN8XcwEkWRZLWoDYU3LH4pI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C56FB/E9F51046783A11E8907D521AC4F9AE02/B6DA2BD8E33F11EB9832A354C4F9AE02.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.117.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:3f:5e:ba:ed:0c:a6:24:7c:e3:69:26:3b:d3:59:43:8d:dc:
         07:f7:78:58:95:4b:ec:31:2a:88:91:bc:12:2c:a8:f0:9f:50:
         2f:59:ae:16:e6:9a:0e:5d:a1:bc:1b:52:e6:8b:8d:7d:4a:2e:
         ac:ed:c3:37:e0:db:a2:2f:cc:e6:d1:6a:8c:cb:d1:50:5e:8c:
         93:61:20:0c:c3:d9:86:27:76:58:21:80:2c:b9:49:44:17:88:
         b0:b3:00:ab:35:3a:2c:f3:ad:93:88:7b:32:97:fe:39:38:fa:
         3a:e9:9b:75:a7:36:f6:91:06:59:f3:1f:57:46:68:75:45:90:
         15:b3:30:d8:f0:40:47:4c:25:48:73:3b:ff:5d:97:9c:25:1a:
         dd:12:88:6f:b7:28:db:54:13:22:a1:f6:e1:32:06:10:78:11:
         8a:56:52:a3:18:1e:7d:83:ad:76:a1:3e:37:7c:d5:9f:a9:e0:
         04:f7:47:cb:a8:08:fa:cc:01:e2:87:50:9c:e0:fd:46:b8:8f:
         fa:93:b0:06:cd:6b:eb:10:e2:b1:f4:18:b3:f1:56:e3:d9:43:
         5d:82:a0:88:54:b7:8c:22:25:d5:6d:4d:31:7d:4a:9d:97:df:
         be:2a:3f:95:51:de:90:c7:61:e9:d0:4b:e4:aa:dd:b2:21:7c:
         8d:01:44:3f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICFTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzU2RkIxMTAvBgNVBAUTKDkzQzA1OEEwREYxNzczMDEyNDU5MTY0QjVBODBEODUz
NzJDN0UyOTIwHhcNMjYwNzA0MTcxNzAyWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ5NDAwZC01MDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm2Anm8G+d+yLg/NIYFJKSKaHLsAiaUeUtT8Kyzc4E2gre1G/uoRyn5N0UUX3
iqyXiY7X/Gpa+p12LSWlmY2NjuctDSi/WnqUoFK1VzB/cSbvqfoPgNbVuPpK2muA
z/hKSOCJrd10tbrjuYRJ+1IhKN2NXrGEj0nFGW0l/TljFfNtbYjsf0b8MyAkTZNp
4zOze38/ic98YF7GCzvDW914eGnbTYIudvUK1HUSg+uEITwGyoNqitNO3wqYZTAA
kHMQcmac8nCagifBaib4SBdVkEcsdugTpmbvM9fUayYpZ2ETcjIUKHcalrcfpzwg
WVsr96rByNIklRyKAjdAKQU1xQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFPlnld/r
hDNS9vVkCuZQ9I+GS1EYMB8GA1UdIwQYMBaAFJPAWKDfF3MBJFkWS1qA2FNyx+KS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTZGQi9FOUY1MTA0Njc4
M0ExMUU4OTA3RDUyMUFDNEY5QUUwMi9rOEJZb044WGN3RWtXUlpMV29EWVUzTEg0
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2s4QllvTjhYY3dFa1dSWkxXb0RZVTNMSDRwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzU2RkIvRTlGNTEwNDY3ODNBMTFFODkwN0Q1MjFBQzRGOUFFMDIvQjZEQTJCRDhF
MzNGMTFFQjk4MzJBMzU0QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZ3VkMA0GCSqGSIb3DQEBCwUAA4IBAQBmP1667QymJHzjaSY701lD
jdwH93hYlUvsMSqIkbwSLKjwn1AvWa4W5poOXaG8G1Lmi419Si6s7cM34NuiL8zm
0WqMy9FQXoyTYSAMw9mGJ3ZYIYAsuUlEF4iwswCrNTos862TiHsyl/45OPo66Zt1
pzb2kQZZ8x9XRmh1RZAVszDY8EBHTCVIczv/XZecJRrdEohvtyjbVBMiofbhMgYQ
eBGKVlKjGB59g612oT43fNWfqeAE90fLqAj6zAHih1Cc4P1GuI/6k7AGzWvrEOKx
9Biz8Vbj2UNdgqCIVLeMIiXVbU0xfUqdl9++Kj+VUd6Qx2Hp0Evkqt2yIXyNAUQ/
-----END CERTIFICATE-----
Generated at Wed Jul 8 22:04:38 2026 by rpki-client